Fedora Nano

Introduction

Fedora Nano is a project with three goals:

1. Develop and document a technique for installing the smallest possible Fedora installation onto a CompactFlash or other solid-state disk.
2. Provide a centralized location for package enhancement requests geared towards small, embedded systems. Most often, packages will be broken up into core and optional components, reducing core package dependencies.
3. Document redundancy within Fedora. Redundancy can be an indication of a healthy software environment as competing projects may promote innovation. However, redundancy also increases memory and disk usage and makes code auditing more difficult.

I am using the following components:

• VIA EPIA ME6000 Fanless Mini-ITX Motherboard
• PC2100/DDR266 256MB Memory
• Morex 2699 Mini-ITX Case
• Round IDE cables
• CFDISK.2G CompactFlash to IDE adapter
• Notebook 2.5" to 2.3" HD IDE adapter (soldered into molex connector)

Installation of Fedora 9 on a CompactFlash disk

These instructions assume your build host is of the same architecture as your target.

1. Create a filesystem on the CompactFlash disk and mount it at /mnt.
2. Use the command yumdownloader --installroot=/mnt --resolve --destdir=packages package to download the following packages and their dependencies (see also Use yum to install to a temporary, yumless filesystem, yum bug #1):
• filesystem
• busybox
3. Use the command rpm --root /mnt -Uvh packages/*.rpm to install the packages downloaded using the previous step.
4. At a minimum, create the following busybox links:
• ln -s /sbin/busybox /mnt/sbin/init
• ln -s /sbin/busybox /mnt/bin/sh
• ln -s /sbin/busybox /mnt/bin/hostname
• ln -s /sbin/busybox /mnt/bin/mv
• ln -s /sbin/busybox /mnt/bin/touch
5. Edit /mnt/etc/init.d/rcS to execute startup services.
6. Build and install a custom kernel (my configuration is available here):
• Copy your kernel config to .config and run make oldconfig or run make menuconfig to configure the kernel.
• make clean
• make clean binrpm-pkg
• rpm --root /mnt -Uvh /usr/src/redhat/RPMS/1/kernel.rpm
7. Add an entry to /etc/grub.conf for the new root disk.
8. Execute grub-install primary-disk-devnode.
9. Use pwconv to create /etc/shadow.

In order to make the root filesystem readonly, perform the following steps:

1. /var, /home and /tmp should be mounted from a readwrite partition. I have these directories on one partition and mount them by adding /shared/var /var none bind 0 0 to /etc/fstab.
2. Set READONLY=yes in /etc/sysconfig/readonly-root.

Fine-grained Package Requests

Pull out perl dependency

Perl is a good language, but may be too large a requirement for some small systems.

• Stunnel: Pull /usr/sbin/stunnel3 into seperate package?, Red Hat Bugzilla #442842
• Bogofilter: Pull /usr/bin/bogoupgrade into seperate package?, Red Hat Bugzilla #442843

cups

/usr/lib/cups/backend/dnssd is written in perl. This is a CUPS backend that discovers printers using avahi. See the CUPS Software Programmers Manual. move cups perl backends into sub package, Red Hat Bugzilla #465157

fedora-ds-base

Several FDS scripts are written in perl.

foomatic

Much of foomatic is written in perl. RFE: Migrate to C foomatic once feasible, Red Hat Bugzilla #466068

postfix

/usr/sbin/qshape is written in perl. Pull components dependent on perl out of main postfix package?, Red Hat Bugzilla #467529

ntp

/usr/sbin/ntp-wait and /usr/sbin/ntptrace are written in perl.

net-snmp

Some components are written in perl.

Pull out MySQL dependency

• Postfix: Provide both mysql and postgresql support using loadable maps patch, Red Hat Bugzilla #455206

Separate documentation packages

Package documentation, installed in /usr/share/doc, can occupy a lot of storage space. It would be beneficial to separate documentation into a -doc sub-package.

Separate locale packages

The /usr/lib/locale and /usr/share/locale directories quickly grow as more internationalized packages are added to a system. It would be beneficial to control which locales are installed. Perhaps a specialized package installation system like the one that has been developed for media codecs could be applied to this problem.

Redundancy Tracker

Tracking redundancy throughout all of Fedora is beyond the scope of this project. Instead, we focus on redundencies brought in by the following packages:

• Fedora Directory Server
• Kerberos
• FreeIPA
• Apache
• mod_nss
• OpenSSH
• Postfix
• Dovecot
• Samba
• Avahi
• Jabberd
• Bogofilter
• mt-daapd
• inadyn

FreeIPA requires OpenLDAP, FDS requires mozldap

I submitted a patch so that FreeIPA may be built against mozldap. This package was integrated into FreeIPA. However, it was later reported that my patch broke ipa-kpasswd. As a result, I submitted a second patch that fixed a preexisting misuse of the OpenLDAP API.

NSS vs. OpenSSL vs. the world

The Crypto Consolidation Bug is an ambitious project to make NSS the standard cryptological library for Fedora.